BreachExchange mailing list archives
Verizon Incident Metrics Framework Released
From: security curmudgeon <jericho () attrition org>
Date: Mon, 1 Mar 2010 06:33:10 +0000 (UTC)
http://securityblog.verizonbusiness.com/2010/02/19/veris-framework-2/

Verizon Incident Metrics Framework Released
Wade Baker
February 19th, 2010

Many of you who read our blog regularly are familiar with our "Data Breach Investigations Report". We hope that you've found past reports informative, useful, and above all, actionable. The production of the DBIR has been driven by our desire to help solve what we see as two of the most significant problems facing our industry:

1. Uncertainty due to the lack of data
2. Equivocality due to the lack of a common framework

Basically, we believe that until we can all be on the same page regarding what terms mean and why those terms are useful, we're going to have a problem creating meaning from any data we *do* get.

One of the reasons we feel that the DBIR was so successful is because we are able to translate the incident narrative (the attacker did this, then that, then the other thing) into a data set. To accomplish this translation task, we used a framework, a sort of taxonomy of incident elements we thought that, when gathered consistently, would help people better interpret data and manage risk. Today we're making a version of that framework, the Verizon Incident Sharing Framework (VerIS), available for you to use.

In the document that you can download here, you'll find the first release of the VerIS framework. You can also find a shorter executive summary here. Our goal for our customers, friends, and anyone responsible for incident response, is to be able to create data sets that can be used and compared because of their commonality. Together, we can work to eliminate both equivocality and uncertainty, and help defend the organizations we serve.

We hope that you'll use and even take an active interest in the VerIS Framework. To that extent, we've set up an online forum for questions and answers, and have put in place an advisory board of independent security experts to work with the community for the better growth and evolution of the framework as it's used outside of Verizon. We truly believe that together, we can begin to make a real difference, and it is our hope that this "common language" will be the first step towards creating an era of shared knowledge and collaboration for our industry.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/